Aurelien Jarno writes ("Re: Bug#963508: /lib/ LD_PRELOAD breaks with plain filename"):
> [stuff]

Thanks for your explanations and sorry for being dense.

>   In secure-execution mode, preload pathnames containing slashes are
>   ignored.  Furthermore, shared objects are preloaded only from the
>   standard search directories and only if they have set-user-ID mode bit
>   enabled (which is not typical).

Obviously it wouldn't be right for eatmydata to be loaded by actually
setuid programs.

Ian Jackson writes ("Re: Bug#963508: /lib/ LD_PRELOAD breaks with plain filename"):
> (As an aside, I'm not sure why it makes sense for apparmor to inhibit
> preloading.  I thought apparmor was intended to restrict the
> applications you apply it to, not defend them against their callers.)

So the overall effect is that programs with apparmor profiles are
mostly protected from the effects of LD_PRELOAD (and, I assume,
LD_LIBRARY_PATH and various other properties of the execution

This doesn't seem correct to me.  Is there any documentation giving a
rationale for this ?  Is there a way to change this locally ?
(Other than creating /etc/suid-debug, which is dangerous.)
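The loader rules quoted from the man page above, modelled in C as an added example (this is neither code from the bug thread nor glibc's ld.so source): in_secure_mode() reads the AT_SECURE auxiliary-vector flag that puts ld.so into secure-execution mode, and filter_preload() applies the two quoted rules to an LD_PRELOAD string. It assumes /lib and /usr/lib as stand-ins for the loader's real standard search directories.

```c
#include <stdio.h>
#include <string.h>
#include <sys/auxv.h>
#include <sys/stat.h>

/* 1 if this process runs in secure-execution mode: the kernel set AT_SECURE
 * (setuid/setgid binary, file capabilities, or an LSM such as AppArmor). */
int in_secure_mode(void)
{
    return getauxval(AT_SECURE) != 0;
}

/* Rule 2 from the quoted man page: does 'name', looked up in the standard
 * directories, resolve to an object with the set-user-ID bit? (Assumption:
 * /lib and /usr/lib stand in for ld.so's real search list.) */
int stddir_object_is_setuid(const char *name)
{
    static const char *const dirs[] = { "/lib", "/usr/lib" };
    char path[512];
    struct stat st;
    for (size_t i = 0; i < sizeof dirs / sizeof dirs[0]; i++) {
        snprintf(path, sizeof path, "%s/%s", dirs[i], name);
        if (stat(path, &st) == 0 && (st.st_mode & S_ISUID))
            return 1;
    }
    return 0;
}

/* Decide whether one LD_PRELOAD entry is honored given the AT_SECURE value. */
int preload_entry_allowed(const char *entry, int secure)
{
    if (!secure)
        return 1;                          /* normal mode: always honored */
    if (strchr(entry, '/'))
        return 0;                          /* rule 1: pathnames with '/' dropped */
    return stddir_object_is_setuid(entry); /* rule 2: setuid object in std dir */
}

/* Split LD_PRELOAD on the separators ld.so accepts (space or colon), copy
 * the surviving entries into 'out' and return how many survived. */
int filter_preload(const char *ld_preload, int secure, char out[][128], int max_out)
{
    char buf[1024];
    int n = 0;
    snprintf(buf, sizeof buf, "%s", ld_preload);
    for (char *tok = strtok(buf, " :"); tok && n < max_out; tok = strtok(NULL, " :"))
        if (preload_entry_allowed(tok, secure))
            snprintf(out[n++], 128, "%s", tok);
    return n;
}
```

Run inside the process you are debugging (or from a helper it execs) to see whether AT_SECURE is set; a non-zero value explains why a bare or slash-containing eatmydata preload is silently dropped.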
